pam pop issue
Michael Menge
michael.menge at zdv.uni-tuebingen.de
Mon Jun 16 15:16:33 EDT 2008
Hi,
sasl does not pass the IP-Address to pam.
Quoting Ashay Chitnis <chitnis.ashay at gmail.com>:
> Dear All,
>
> I need to access pop and imap on user based IP level restrictions. I found
> pam to be best suited for this service level restriction. The restriction
> will be as below.
>
> User pqr should be allowed POP from IPADDR-1
> User B should be allowed IMAP from IPADDR-2
> User C should be allowed POP and IMAP from IPADDR-3
>
> and so on.
>
> To achieve this below settings are done in /etc/pam.d/pop
>
>
> cat /etc/pam.d/pop
> auth required /lib/security/pam_ldap.so
> account required /lib/security/pam_access.so debug
> accessfile=/usr/local/etc/popaccess.conf
> account required /lib/security/pam_ldap.so
>
>
> cat /usr/local/etc/popaccess.conf
>
> +:pqr:192.168.2.66/32
>
> OR
>
> -:pqr:ALL EXCEPT 192.168.2.66/32
>
>
> But this does not see to be working as it is not yielding desired effect
> even after restarting saslauthd and cyrus..
>
>
> Kindly guide me through..
>
> regards
> Ashay
>
--------------------------------------------------------------------------------
M.Menge Tel.: (49) 7071/29-70316
Universitaet Tuebingen Fax.: (49) 7071/29-5912
Zentrum fuer Datenverarbeitung mail:
michael.menge at zdv.uni-tuebingen.de
Waechterstrasse 76
72074 Tuebingen
More information about the Info-cyrus
mailing list